GHSA-m9mq-p2f9-cfqv

Suggest an improvement
Source
https://github.com/advisories/GHSA-m9mq-p2f9-cfqv
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/01/GHSA-m9mq-p2f9-cfqv/GHSA-m9mq-p2f9-cfqv.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-m9mq-p2f9-cfqv
Aliases
Published
2019-01-04T17:46:30Z
Modified
2024-09-04T19:46:12.905109Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Bleach URI Scheme Restriction Bypass
Details

An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized.

References

Affected packages

PyPI / bleach

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.1.0
Fixed
2.1.3

Affected versions

2.*

2.1
2.1.1
2.1.2

Ecosystem specific

{
    "affected_functions": [
        "bleach.sanitizer.BleachSanitizerFilter.allow_token"
    ]
}